Significance of the Live Developer Platform Announcement

Yesterday, David Treadwell, our Vice President, made an announcement explaining the progress of some of our current investments in Live Developer Platform. I know David from back in Developer Division. He is a seasoned and inspiring leader and his deep experience with .NET platform is a great tribute to Microsoft seriousness in building a true developer platform for our Live services.

Two topics stand out for me in this announcement and here is why I think developer should care about them:

1) New API Unification strategy: We have over 30 (and growing) Live services that are publicly available today. You can expect these services continue to evolve and grow to provide more customer value over time. Today, the developer experience to build applications across these services is less than the perfect unified experience that one would hope for. We are heavily investing in making these APIs more coherent and consisted. Choosing Atom Publishing Protocol(APP) as the unifying API protocol is a big step towards a better unified Live platform. However, it is very important to note that APP will not be the only protocol that we will deliver our APIs in, but it is the common denominator protocol. Some services may decide to expose more heads (SOAP, JSON, WebDav, etc) based on their developer needs and scenarios. Even if you don’t like APP, don’t get hanged up on the fact that it is APP, think broader about the whole concept of having one way to experience many services that store different interesting dimensions of user data.

2) Delegation Authentication is a critical developer feature (which got the needed investment level): As you noticed, Windows Live ID team, now officially own and support Delegation Authentication. This is a change since what we announced last year. What this means is that we haven authentication seriously and have streamlined its scenarios into our core Live Platform Identity service. Without delegation, when applications and web sites want to access data of a Live ID user, they have to run their code in the context of user and with the same permission level. This causes a security issue not always this is the case that users trust an application do do anythin with thier system. Delegation Authentication enables a user to explicitly allow a web site to access part of his/her data within in a certain period of time. I will write another post dedicated to this and explain my experience trying to build a product using Live Delegation.